package com.lu.auth.controller;

import com.lu.common.api.system.RemoteLogService;
import com.lu.common.core.constant.Constants;
import com.lu.common.core.constant.SecurityConstants;
import com.lu.common.core.domain.R;
import com.lu.common.core.utils.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpHeaders;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Map;

/**
 * @program LuCloud-RuoYi
 * @description: token控制
 * @author: zhanglu
 * @create: 2020-07-02 13:53:00
 */
@RestController
@RequestMapping("/token")
public class TokenController {

    @Autowired
    private TokenStore tokenStore;

    @Autowired(required = false)
    private RemoteLogService remoteLogService;

    @DeleteMapping("/logout")
    public R<?> logout(@RequestHeader(value = HttpHeaders.AUTHORIZATION, required = false) String authHeader){
        if(StringUtils.isEmpty(authHeader)){
            return R.ok();
        }
        String tokenValue = authHeader.replace(OAuth2AccessToken.BEARER_TYPE, StringUtils.EMPTY).trim();
        OAuth2AccessToken accessToken = tokenStore.readAccessToken(tokenValue);
        if(accessToken == null || StringUtils.isEmpty(accessToken.getValue())){
            return R.ok();
        }

        //清空access_token
        tokenStore.removeAccessToken(accessToken);

        //清空 refresh_token
        OAuth2RefreshToken refreshToken = accessToken.getRefreshToken();
        tokenStore.removeRefreshToken(refreshToken);

        Map<String, Object> map = accessToken.getAdditionalInformation();
        if(map.containsKey(SecurityConstants.DETAILS_USERNAME)){
            String username = (String) map.get(SecurityConstants.DETAILS_USERNAME);
            //记录用户退出日志
            remoteLogService.saveLogininfor(username, Constants.LOGOUT, "退出成功");
        }

        return R.ok();
    }

}
